Re: snmpd doesn't handle "weird" community strings?

Tue, 06 Jul 2004 08:08:39 -0700 

> I asked a week or so ago what restrictions, if any, there were on community
> strings and didn't see an answer.  I've since poked around the MIBs and
> such and believe I've determined that a community string is a 256-octet
> string.

I don't believe there are any explicit restrictions on a community string
in the SNMP specs themselves, but some MIBs make certain assumptions
about such strings.
  For example, RMON-MIB::eventCommunity is defined as
                (OCTET STRING (SIZE (0..127))
and NOTIFICATION-LOG-MIB::nlmLogContextName as
        SnmpAdminString  i.e. a printable OCTET STRING (SIZE (0..255))

It may also be used as (part of) a table index, in which case the whole
thing must be shorted than 127 subidentifiers.



>  That is, it can be up to 256 8-bit characters including, in the extreme,
> nul, Unicode, etc.  So, I tried things like:
> 
>    Foo$Bar & Grill
> 
> and
> 
>    #<b>Hi!</b>
> 
> These strings look find in my snmpd.conf:
> 
>   # rocommunity: a SNMPv1/SNMPv2c read-only access community name
>   #   arguments:  community [default|hostname|network/bits] [oid]
> 
>   rocommunity Foo$Bar & Grill
> 
>   # rwcommunity: a SNMPv1/SNMPv2c read-write access community name
>   #   arguments:  community [default|hostname|network/bits] [oid]
> 
>   rwcommunity #<b>Hi!</b>
> 
> but my clients time out:
> 
> snmpget -v 2c -c 'Foo$Bar & Grill' myserver system.sysDescr
> Timeout: No Response from myserver.


My *guess* is that it's probably the config file parsing that's
getting confused.   Try running the agent with '-Dread_config'
and/or '-Dnetsnmp_udp_parse_security' and watch what gets set up.
   You may also need to run the agent under the debugger, and look
at the contents of the com2sec mappings.


Dave



-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Net-snmp-users mailing list
[EMAIL PROTECTED]
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users

Reply via email to